#jinja2: lstrip_blocks: "True"
# Adapted from
# https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/roles/matrix-coturn/templates/turnserver.conf.j2
# in Jan. 2021
realm=turn.{{ site.url }}
# Authenticate clients with time-limited credentials derived from the shared
# secret configured below, rather than with static per-user accounts.
use-auth-secret
# Shared secret for the use-auth-secret (time-limited credential) mechanism.
# Anyone who can read this value can mint valid TURN credentials, so keep the
# source variable encrypted at rest and the rendered file readable only by
# the account that runs turnserver.
static-auth-secret={{ site.coturn.static_auth_secret }}
# Listener IP address of relay server. Multiple listeners can be specified.
# If no IP(s) specified in the config file or in the command line options,
# then all IPv4 and IPv6 system IPs will be used for listening.
#
listening-ip={{ site.coturn.external_ip }}
# Relay address (the local IP address that will be used to relay the
# packets to the peer).
# Multiple relay addresses may be used.
# The same IP(s) can be used as both listening IP(s) and relay IP(s).
#
# If no relay IP(s) specified, then the turnserver will apply the default
# policy: it will decide itself which relay addresses to be used, and it
# will always be using the client socket IP address as the relay IP address
# of the TURN session (if the requested relay address family is the same
# as the family of the client socket).
#
#relay-ip={{ site.coturn.external_ip }}
#external-ip={{ site.coturn.external_ip }}
# TURN listener port for UDP and TCP (Default: 3478).
# Note: actually, TLS & DTLS sessions can connect to the
# "plain" TCP & UDP port(s), too - if allowed by configuration.
listening-port={{ site.coturn.listening_port }}
# Alternative listening port for UDP and TCP listeners;
# default (or zero) value means "listening port plus one".
# This is needed for RFC 5780 support
# (STUN extension specs, NAT behavior discovery). The TURN Server
# supports RFC 5780 only if it is started with more than one
# listening IP address of the same family (IPv4 or IPv6).
# RFC 5780 is supported only by UDP protocol, other protocols
# are listening to that endpoint only for "symmetry".
#
#alt-listening-port=0
min-port={{ site.coturn.min_port }}
# NOTE(review): max-port is rendered from site.coturn.min_port, the same
# variable as min-port above, so the relay range collapses to a single UDP
# port. Presumably a separate upper-bound variable was intended - confirm
# against the site variables and the firewall rules opened for this range.
max-port={{ site.coturn.min_port }}
log-file=stdout
pidfile=/var/lib/coturn/turnserver.pid
userdb=/var/lib/coturn/turnserver.db
# PROD
#prod
# DEBUG
# Verbose logging is switched on. NOTE(review): session details such as
# client addresses and usernames are likely to end up in the log stream;
# presumably meant for troubleshooting only - confirm before production use.
verbose
# Turn off the CLI management interface, so there is no admin listener to
# protect with a password or expose by accident.
no-cli
# TLS client listeners are switched off (DTLS likewise, see no-dtls below),
# so TURN control traffic travels unencrypted. With use-auth-secret the
# shared secret itself is not sent on the wire, only short-lived credentials
# derived from it; usernames and the realm remain visible to an observer.
# NOTE(review): clients on networks that only pass TLS cannot use the relay
# in this configuration - confirm that is acceptable.
no-tls
# Do not start DTLS (encrypted UDP) client listeners.
no-dtls
# Relay over UDP only: no TCP relay endpoints are allocated (RFC 6062), which
# keeps the relay from being used to open TCP connections to peers.
no-tcp-relay
{% if site.coturn.user_quota != None %}
user-quota={{ site.coturn.user_quota }}
{% endif %}
{% if site.coturn.total_quota != None %}
total-quota={{ site.coturn.total_quota }}
{% endif %}
# Peer address ranges the relay must refuse to forward to. NOTE(review): the
# list content is defined outside this template; it should cover loopback,
# private (RFC 1918), link-local and the host's internal networks so that
# TURN clients cannot reach internal services through the relay - confirm.
{% for ip_range in site.coturn.denied_peer_ips %}
denied-peer-ip={{ ip_range }}
{% endfor %}
# Exceptions to the denied ranges: coturn treats an address that is listed as
# both allowed and denied as allowed, so keep this list as narrow as possible.
{% for ip_range in site.coturn.allowed_peer_ips %}
allowed-peer-ip={{ ip_range }}
{% endfor %}
# Always allow the TURN server's own address as a peer; presumably so that
# client -> TURN -> TURN -> client flows work when both sides relay through
# this server - TODO confirm. Allowed entries win over denied ones, so other
# UDP services bound to this address may become reachable through the relay;
# verify that nothing sensitive listens there.
allowed-peer-ip={{ site.coturn.external_ip }}